Systems and methods for ransomware detection and mitigation

A ransomware and detection system technology, applied in the field of cybersecurity technology, can solve problems such as improper cryptovariable reuse, shortening the time of encryption, and affecting the implementation of encryption algorithms.

Pending Publication Date: 2021-01-28
CYBER CRUCIBLE

AI Technical Summary

Benefits of technology

[0021]According to other details of the present invention, the remedial action includes notifying a user of the target system or automatically uploading an accessed trap file.

Problems solved by technology

Discovered logic fallacies, which may at first have reduced naive decryption only to timeframes still longer than a lifetime (for example), become threats over time, resulting in decryption in much shorter times due to improvements in computing power.
For ransomware authors, this means that encryption operations, improperly conducted, may result in opportunities for advanced cybersecurity defenders to exploit those vulnerabilities to decrypt without paying the ransom, even if the encryption algorithm used is strong.
This included predictable cryptovariables, such as encryption keys that are not created via proper randomization (an encryption key of all zeroes, for example), improper cryptovariable reuse, and improper implementation of encryption algorithms.
Additionally, automated spreading of ransomware malware from device to device may result in additional connected victims not related to the origina


Embodiment Construction

[0034]The present invention relates to systems and methods for ransomware detection and protection, as described in detail below in connection with FIGS. 1-11.

[0035]A part of the ransomware behavior detection strategy is the use of monitored artifacts placed on the system. One such artifact is a trap file positioned within a filing system used by an operating system of a computing device, including a processing node or machine, a client, a server or a stand-alone workstation. Access to a trap file indicates a probability of a ransomware attack. These artifacts are placed by position, content, and quality to enable a very high probability of both detection of ransomware activity and behavior of the ransomware activity, and a very low probability of users encountering the artifacts.

[0036]In one embodiment, the present invention relates to systems and methods for automatically discovering the start of a ransomware attack based on access to trap files and defeating an attacker's encrypt...


Abstract

System and method for protecting a computing device of a target system against ransomware attacks employs a file system having a data structure used by an operating system of the computing device for managing files. A software or a hardware installed agent in the computing device performs one or more actions autonomously on behalf of the target system. The agent autonomously creates one or more trap files in the data structure of the filing system. A trap file is a file access to which indicates a probability of ransomware attack. The agent monitors access to the one or more trap files. Upon detecting access to a trap file, remedial action is performed by the target system against the probability of ransomware attack.
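The create, monitor and remediate loop described in the abstract, as an added Python example that is not code from the patent or from its owner. The trap file names, the content-hash check and the alert text are assumptions; hashing catches overwrite, rename and delete of a trap file, not read-only access, which needs OS-level file auditing.

```python
import hashlib
import secrets
import tempfile
from pathlib import Path

# Hypothetical decoy names: they sort early in a listing and are hidden from casual browsing.
TRAP_NAMES = (".~0000_ledger.docx", ".~0001_backup.xlsx")

def digest(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()

def plant_traps(directory: Path) -> dict:
    """Create trap files with random content; return baseline {path: sha256}."""
    baseline = {}
    for name in TRAP_NAMES:
        trap = directory / name
        trap.write_bytes(secrets.token_bytes(4096))  # random filler, no real data
        baseline[trap] = digest(trap)
    return baseline

def check_traps(baseline: dict) -> list:
    """Return (path, event) for every trap that was removed, renamed or rewritten."""
    events = []
    for trap, expected in baseline.items():
        if not trap.exists():
            events.append((trap, "missing"))   # deleted or renamed (e.g. new extension)
        elif digest(trap) != expected:
            events.append((trap, "modified"))  # overwritten in place
    return events

def remediate(events: list) -> list:
    """Remedial action (assumed here to be user notification): one alert per touched trap."""
    return [f"ALERT: trap file {p.name} {e}; possible ransomware activity" for p, e in events]

def demo() -> list:
    """Constructed scenario: one trap overwritten, one renamed with a new extension."""
    with tempfile.TemporaryDirectory() as tmp:
        baseline = plant_traps(Path(tmp))
        first, second = list(baseline)
        assert check_traps(baseline) == []                # untouched traps raise nothing
        first.write_bytes(b"\x00" * 4096)                 # simulate in-place encryption
        second.rename(second.with_suffix(".locked"))      # simulate rename after encryption
        return remediate(check_traps(baseline))

if __name__ == "__main__":
    for line in demo():
        print(line)
```

In a deployed agent, `check_traps` would run on a timer or be driven by file-system change notifications, and `remediate` would be replaced by whatever remedial action the target system defines.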

Description

BACKGROUND

Technical Field

[0001]The present disclosure relates generally to cybersecurity technology. More specifically, the present disclosure relates to systems and methods for ransomware detection and mitigation.

Related Art

[0002]In the cybersecurity field, ransomware is malware which denies a victim access to data or equipment until an attacker allows access to be returned. Typically, access is denied due to the attacker encrypting the victim's data, and decryption capability is provided after the victim pays the ransom. Defensive and attacker ransomware-focused capabilities have matured in capability and complexity of encryption capability, scope of resources denied, and payment methodologies.

[0003]Regarding encryption capability, encryption algorithms have grown in quality to the standardized encryption algorithms and implementations seen in use today for regulated and secure government, military, and commercial uses. The quality of an encryption algorithm is assessed based on t...


Application Information

IPC(8): G06F21/56, G06F16/22
CPC: G06F21/566, G06F2221/034, G06F16/2246, G06F16/9027, G06F21/554, G06F21/552
Inventor: UNDERWOOD, DENNIS; NEHMAN, KYLE; GREENBERG, NOAH; WEIDEMAN, MARK
Owner CYBER CRUCIBLE